Filtered by vendor Oracle
Subscriptions
Filtered by product Application Server
Subscriptions
Total
199 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-0283 | 1 Oracle | 3 Application Server, Collaboration Suite, Database Server | 2025-04-03 | N/A |
| Unspecified vulnerability in Oracle Database Server 10.1.0.4.2, Application Server 10.1.2.0.2, and Collaboration Suite Release 2, version 9.0.4.2 (Oracle9i) has unspecified impact and attack vectors, as identified by Oracle Vuln# DBC02 in the Reorganize Objects & Convert Tablespace component. | ||||
| CVE-2001-0419 | 1 Oracle | 1 Application Server | 2025-04-03 | N/A |
| Buffer overflow in shared library ndwfn4.so for iPlanet Web Server (iWS) 4.1, when used as a web listener for Oracle application server 4.0.8.2, allows remote attackers to execute arbitrary commands via a long HTTP request that is passed to the application server, such as /jsp/. | ||||
| CVE-2004-1365 | 1 Oracle | 9 Application Server, Collaboration Suite, E-business Suite and 6 more | 2025-04-03 | N/A |
| Extproc in Oracle 9i and 10g does not require authentication to load a library or execute a function, which allows local users to execute arbitrary commands as the Oracle user. | ||||
| CVE-2004-1364 | 1 Oracle | 9 Application Server, Collaboration Suite, E-business Suite and 6 more | 2025-04-03 | N/A |
| Directory traversal vulnerability in extproc in Oracle 9i and 10g allows remote attackers to access arbitrary libraries outside of the $ORACLE_HOME\bin directory. | ||||
| CVE-2005-3204 | 1 Oracle | 2 Application Server, Oracle9i | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Oracle XML DB 9iR2 allows remote attackers to inject arbitrary web script or HTML via the query string in an HTTP request. | ||||
| CVE-2004-1368 | 1 Oracle | 9 Application Server, Collaboration Suite, E-business Suite and 6 more | 2025-04-03 | N/A |
| ISQL*Plus in Oracle 10g Application Server allows remote attackers to execute arbitrary files via an absolute pathname in the file parameter to the load.uix script. | ||||
| CVE-2006-0287 | 1 Oracle | 2 Application Server, Database Server | 2025-04-03 | N/A |
| Unspecified vulnerability in the Oracle HTTP Server component of Oracle Database Server 10.1.0.5 and Application Server 10.1.2.0.2 has unspecified impact and attack vectors, as identified by Oracle Vuln# OHS02. | ||||
| CVE-2005-1383 | 1 Oracle | 1 Application Server | 2025-04-03 | N/A |
| The OHS component 1.0.2 through 10.x, when UseWebcacheIP is disabled, in Oracle Application Server allows remote attackers to bypass HTTP Server mod_access restrictions via a request to the webcache TCP port 7778. | ||||
| CVE-2004-1363 | 1 Oracle | 7 Application Server, Collaboration Suite, Database Server and 4 more | 2025-04-03 | 9.8 Critical |
| Buffer overflow in extproc in Oracle 10g allows remote attackers to execute arbitrary code via environment variables in the library name, which are expanded after the length check is performed. | ||||
| CVE-2005-1495 | 1 Oracle | 3 Application Server, Oracle10g, Oracle9i | 2025-04-03 | N/A |
| Oracle Database 9i and 10g disables Fine Grained Audit (FGA) after the SYS user executes a SELECT statement on an FGA object, which makes it easier for attackers to escape detection. | ||||
| CVE-2005-1496 | 1 Oracle | 2 Application Server, Oracle10g | 2025-04-03 | N/A |
| The DBMS_Scheduler in Oracle 10g allows remote attackers with CREATE JOB privileges to gain additional privileges by changing SESSION_USER to the SYS user. | ||||
| CVE-2006-3706 | 1 Oracle | 1 Application Server | 2025-04-03 | N/A |
| Unspecified vulnerability in OC4J for Oracle Application Server 9.0.2.3 has unknown impact and attack vectors, aka Oracle Vuln# AS01. | ||||
| CVE-2004-1707 | 1 Oracle | 5 Application Server, Application Server Portal, Database Server Lite and 2 more | 2025-04-03 | N/A |
| The (1) dbsnmp and (2) nmo programs in Oracle 8i, Oracle 9i, and Oracle IAS 9.0.2.0.1, on Unix systems, use a default path to find and execute library files while operating at raised privileges, which allows certain Oracle user accounts to gain root privileges via a modified libclntsh.so.9.0. | ||||
| CVE-2005-3446 | 1 Oracle | 2 Application Server, Database Server | 2025-04-03 | N/A |
| Unspecified vulnerability in Internet Directory in Oracle Database Server 9i up to 9.2.0.6 and Application Server 9.0.2.3 up to 10.1.2.0 has unknown impact and attack vectors, aka Oracle Vuln# DB32 and AS06. | ||||
| CVE-2005-3447 | 1 Oracle | 2 Application Server, Database Server | 2025-04-03 | N/A |
| Unspecified vulnerability in Single Sign-On in Oracle Database Server 10g up to 10.1.0.4.2 and Application Server 9.0.2.3 up to 9.0.4.2 has unknown impact and attack vectors, aka Oracle Vuln# DB33 and AS08. | ||||
| CVE-2005-3448 | 1 Oracle | 1 Application Server | 2025-04-03 | N/A |
| Unspecified vulnerability in the OC4J Module in Oracle Application Server 9.0 up to 10.1.2.0.2 has unknown impact and attack vectors, as identified by Oracle Vuln# AS01. | ||||
| CVE-2005-3450 | 1 Oracle | 1 Application Server | 2025-04-03 | N/A |
| Unspecified vulnerability in the HTTP Server in Oracle Application Server 1.0 up to 9.0.2.3 has unknown impact and attack vectors, as identified by Oracle Vuln# AS04. | ||||
| CVE-2005-3451 | 1 Oracle | 1 Application Server | 2025-04-03 | N/A |
| Unspecified vulnerability in SQL*ReportWriter in Oracle Application Server 9.0 up to 9.0.2.1 has unknown impact and attack vectors, as identified by Oracle Vuln# AS10. | ||||
| CVE-2005-3452 | 1 Oracle | 1 Application Server | 2025-04-03 | N/A |
| Unspecified vulnerability in Web Cache in Oracle Application Server 1.0 up to 9.0.4.2 has unknown impact and attack vectors, as identified by Oracle Vuln# AS13. | ||||
| CVE-2005-3453 | 1 Oracle | 1 Application Server | 2025-04-03 | N/A |
| Multiple unspecified vulnerabilities in Web Cache in Oracle Application Server 1.0 up to 10.1.2.0 has unknown impact and attack vectors, as identified by Oracle Vuln# (1) AS12 and (2) AS14. | ||||